PR lib/60369 Update tests to match modern UTF-8
This just removes test cases using invalid (by current standards) UTF-8
sequences (in one case the test is modified to switch it from invalid to valid).
The XFAIL that was added is removed. ("removed" in all of this means
hashifd away).
There is, in this change, no attempt to fix either of the other very valid
concerns - actually testing invalid input to ensure it is rejected (would
need to be a whole new test case, the way they are currently structured is
not conducive to that - the input is simply known to be valid), nor having
the test continue to try the remaining cases if an invalid result is obtained
rather than simply abandoning ship at the first opportunity.
Also note that none of this really has anything whatever to do with the
PR, which had nothing at all to do with what is valid UTF-8 and what is
not, but merely when something that is to be treated as invalid is
detected, that MUST be reported, the (libc, not test) code must not
go on to examine further bytes and end up reporting that more are needed
[2 lines not shown]
devel/gitpane: update to 0.8.1
[0.8.1] - 2026-06-29
Added
Right-click a file in the Changes panel to open a context menu with Stage, Unstage, Discard, Open, and Open folder. Stage and Unstage are gated by what the file actually supports: a worktree change can be staged, a staged change can be unstaged, and a partially staged file offers both. Discard is confirmation gated and restores a tracked file (or deletes an untracked one). Open launches the file through the configured [open] command, or the OS default app when none is set, and Open folder reveals the file in the system file manager. File operations run against the active worktree's tree when a worktree is selected, mirroring the diff view, while the parent repository row refreshes afterward. Submodule rows offer only Open and Open folder.
Fixed
Releasing no longer fails to reach crates.io silently. The publish step swallowed every error (including an expired token's 403 Forbidden) yet still reported success, so v0.7.15 and v0.8.0 were tagged and built but never published. The step now fails the job on real errors and treats only an already-published version as a skippable no-op.
[0.8.0] - 2026-06-26
Added
Open a repo or worktree with o. It opens the selected row in a new tmux pane (a shell in its directory) or runs a configurable [open] command such as a GUI editor. Where it runs is configurable through placement: a tmux split or new window (with right-of, below, or a named target), inline in the current terminal, or an interactive picker chosen at launch. When gitpane is not running inside tmux, a tmux placement falls back to running the command inline.
Review the selected repo or worktree's diff with v. It runs [review] command (default git diff {base}...HEAD) in a new tmux window. The base ref comes from [review] base or the repository's resolved default branch; when neither resolves, gitpane shows a clear error instead of running a doomed diff.
Create and remove linked worktrees from gitpane, via both the key bindings and the context menu. Creation makes the worktree on a new branch under [worktree] dir (or as a sibling of the repo). Removal is confirmation gated and runs git worktree remove without --force, so git refuses to delete a dirty or main worktree and no work is lost.
Mark repositories and worktrees that have a live tmux pane cwd'd inside them with a ◉ indicator, so you can see at a glance where an agent or shell is parked. The marker is tmux only and shows nothing when tmux is unavailable.
Go to a repo's live tmux session with G (or the context menu). gitpane auto-detects your terminal and opens the session in a new tab (WezTerm, kitty, GNOME Terminal, Konsole) or a new window (Ghostty, Alacritty), so the current view is never replaced and there is no in-place switch to get stranded by. The terminal table is data driven and documented, and [goto] command overrides it for any other terminal.
[10 lines not shown]
PR lib/58282 revert refresh.c 1.132 (Mon Jun 29 06:06:10 UTC 2026)
This "broke stuff" (reported by gson@ and ryo@) and was reported as:
This has been reverted and sysinst behaves for me now.
Yet it had not been. Now it has.
sshd_config(5): Clarify again how to disable password authentication.
Upstream changed their version of this text by adding some quotation
marks but not really making it clearer. We had replaced the comment a
while ago to cross-reference UsePAM but it got lost in the update to
OpenSSH 10.0 last year. Restore the explanation of how to disable
password authentication, and expand on the relevant knobs a little.
PR bin/32313: sshd 'PasswordAuthentication no' silently fails
tests/bin/expr - fix the regex & length tests for UTF-8 input
If LC_CTYPE is to be set to a UTF-8 charset, the input must be
valid UTF-8 encoded data, or the results will not be what is expected.
0xFF as input is *not* ever valid in a UTF-8 string. It cannot be
the initial byte of a character (the biggest conceivable value for
that is 0xFC and even that is beyond what current UTF-8 allows, the
actual biggest is 0xF4), and it cannot be a trailing byte, as those
always have 1 0 as the two highest bits (ie: range is 0x80..0xBF)
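Added example (not part of the commit above or of NetBSD's libc): a minimal strict UTF-8 decoder in C that applies the byte ranges the message describes and keeps "invalid" separate from "more bytes needed", the distinction the PR lib/60369 entry turns on. The name `u8_decode` and the two status constants are assumptions made for this example; the second-byte checks for overlong forms, surrogates and values above U+10FFFF follow the current UTF-8 definition and go beyond the cases the message names.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical status codes, mirroring mbrtowc()'s (size_t)-1 and (size_t)-2. */
#define U8_INVALID    (-1)	/* illegal sequence: report it, read no further */
#define U8_INCOMPLETE (-2)	/* every byte so far is valid, more are needed */

/* Decode one character from s[0..n); returns bytes consumed or a status. */
int
u8_decode(const unsigned char *s, size_t n, uint32_t *cp)
{
	uint32_t c;
	unsigned char lo = 0x80, hi = 0xBF;	/* normal trailing-byte range */
	int len, i;

	if (n == 0)
		return U8_INCOMPLETE;
	c = s[0];
	if (c < 0x80) { *cp = c; return 1; }
	if (c >= 0xC2 && c <= 0xDF) { len = 2; c &= 0x1F; }
	else if (c >= 0xE0 && c <= 0xEF) {
		len = 3;
		if (c == 0xE0) lo = 0xA0;	/* rejects overlong 3-byte forms */
		if (c == 0xED) hi = 0x9F;	/* rejects UTF-16 surrogates */
		c &= 0x0F;
	} else if (c >= 0xF0 && c <= 0xF4) {
		len = 4;
		if (c == 0xF0) lo = 0x90;	/* rejects overlong 4-byte forms */
		if (c == 0xF4) hi = 0x8F;	/* nothing above U+10FFFF */
		c &= 0x07;
	} else
		return U8_INVALID;	/* 0x80..0xC1 and 0xF5..0xFF never lead */
	for (i = 1; i < len; i++) {
		if ((size_t)i >= n)
			return U8_INCOMPLETE;
		if (s[i] < lo || s[i] > hi)
			return U8_INVALID;	/* fail now, not "need more" */
		c = (c << 6) | (s[i] & 0x3F);
		lo = 0x80; hi = 0xBF;	/* later bytes use the normal range */
	}
	*cp = c;
	return len;
}

int main(void) {
	const unsigned char bad[] = { 0xE2, 0xFF };	/* constructed sample */
	uint32_t cp = 0;
	printf("E2 FF -> %d\n", u8_decode(bad, sizeof bad, &cp));
	return 0;
}
```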
mbrtowc() fix a stupid typo in the previous version.
No idea how I managed to miss this previously. This update should
make at least some of the ATF tests (and other stuff) which failed
after the previous change start working again.
py-uv py-uv-build: updated to 0.11.25
0.11.25
Security
This release updates our tar library, astral-tokio-tar, to v0.6.3, which includes over 20 changes that harden our tar handling against parser differentials. uv may reject source distributions with malformed or ambiguous content that were previously accepted.
See the upstream commits for a full list of changes.
Enhancements
Add a full "lockfile" to tool receipts
Allow scoped overrides to add dependencies
Avoid writing redundant lockfile markers with tool.uv.environments
Factor supported environments out of lockfile markers
Recommend our own build backend in the build frontend
Reject wheels with multiple .dist-info directories
Simplify dependency markers under parent reachability
[17 lines not shown]
Pull up following revision(s) (requested by riastradh in ticket #2026):
sys/dev/mm.c: revision 1.26
mm(4): Only grant kva exposure if user opens /dev/kmem.
Don't apply the same to /dev/null, /dev/zero, or anything else.
PR kern/60374: opening /dev/null exposes kva
Pull up following revision(s) (requested by riastradh in ticket #1296):
sys/dev/mm.c: revision 1.26
mm(4): Only grant kva exposure if user opens /dev/kmem.
Don't apply the same to /dev/null, /dev/zero, or anything else.
PR kern/60374: opening /dev/null exposes kva
Pull up following revision(s) (requested by riastradh in ticket #352):
sys/dev/mm.c: revision 1.26
mm(4): Only grant kva exposure if user opens /dev/kmem.
Don't apply the same to /dev/null, /dev/zero, or anything else.
PR kern/60374: opening /dev/null exposes kva
Pull up following revision(s) (requested by riastradh in ticket #2025):
sys/compat/netbsd32/netbsd32_socket.c: revision 1.57
compat32: Fix accidental use of error branch in recvmsg(2).
Avoids use-after-free / double-free.
PR kern/60373: compat32: kernel use-after-free in recvmsg
Pull up following revision(s) (requested by riastradh in ticket #1295):
sys/compat/netbsd32/netbsd32_socket.c: revision 1.57
compat32: Fix accidental use of error branch in recvmsg(2).
Avoids use-after-free / double-free.
PR kern/60373: compat32: kernel use-after-free in recvmsg
Pull up following revision(s) (requested by riastradh in ticket #351):
sys/compat/netbsd32/netbsd32_socket.c: revision 1.57
compat32: Fix accidental use of error branch in recvmsg(2).
Avoids use-after-free / double-free.
PR kern/60373: compat32: kernel use-after-free in recvmsg
Pull up following revision(s) (requested by riastradh in ticket #2024):
sys/modules/lua/lua.c: revision 1.29
distrib/sets/lists/tests/mi: revision 1.1422
tests/kernel/t_lua.c: revision 1.1
etc/MAKEDEV.tmpl: revision 1.239
distrib/sets/lists/debug/mi: revision 1.514
tests/kernel/Makefile: revision 1.97
sys/sys/lua.h: revision 1.10
MAKEDEV: Set default perms on /dev/lua to 0600.
Otherwise unprivileged users can submit Lua code into the kernel, if
lua.kmod is loaded (which doesn't happen by default, not even
autoloaded on demand).
PR misc/60375: lua.kmod enables local privilege escalation
lua(4): Fix and test some issues.
[16 lines not shown]
Pull up following revision(s) (requested by riastradh in ticket #1294):
sys/modules/lua/lua.c: revision 1.29
distrib/sets/lists/tests/mi: revision 1.1422
tests/kernel/t_lua.c: revision 1.1
etc/MAKEDEV.tmpl: revision 1.239
distrib/sets/lists/debug/mi: revision 1.514
tests/kernel/Makefile: revision 1.97
sys/sys/lua.h: revision 1.10
MAKEDEV: Set default perms on /dev/lua to 0600.
Otherwise unprivileged users can submit Lua code into the kernel, if
lua.kmod is loaded (which doesn't happen by default, not even
autoloaded on demand).
PR misc/60375: lua.kmod enables local privilege escalation
lua(4): Fix and test some issues.
[16 lines not shown]
Pull up following revision(s) (requested by riastradh in ticket #350):
sys/modules/lua/lua.c: revision 1.29
distrib/sets/lists/tests/mi: revision 1.1422
tests/kernel/t_lua.c: revision 1.1
etc/MAKEDEV.tmpl: revision 1.239
distrib/sets/lists/debug/mi: revision 1.514
tests/kernel/Makefile: revision 1.97
sys/sys/lua.h: revision 1.10
MAKEDEV: Set default perms on /dev/lua to 0600.
Otherwise unprivileged users can submit Lua code into the kernel, if
lua.kmod is loaded (which doesn't happen by default, not even
autoloaded on demand).
PR misc/60375: lua.kmod enables local privilege escalation
lua(4): Fix and test some issues.
[16 lines not shown]
postgresql-timescaledb: updated to 2.28.1
2.28.1
This release contains performance improvements and bug fixes since the 2.28.0 release. We recommend that you upgrade at the next available opportunity.
2.28.0
Highlighted features in TimescaleDB v2.28.0
Faster first() and last() queries on compressed data. TimescaleDB derives first(value, time) and last(value, time) aggregates straight from the columnstore's batch metadata, skipping batch decompression entirely. For the "latest reading per series" lookups that time-series workloads run constantly, that means meaningfully faster recency queries with no changes to your SQL queries.
Lighter, less disruptive continuous aggregate refreshes. refresh_continuous_aggregate() can now run incrementally in batches — the same behavior refresh policies already use — enabling breaking large manual refreshes into smaller chunks (tunable via buckets_per_batch, max_batches_per_execution, and refresh_newest_first) instead of one heavy operation. Refreshes also now take a lighter lock while processing the invalidation log, so they no longer block unrelated concurrent operations on the same continuous aggregate, improving behavior for concurrent workloads.
Vectorized execution now covers CASE expressions. TimescaleDB's columnar executor can now evaluate CASE ... WHEN expressions directly on compressed data, so queries using conditional logic stay on the fast vectorized path instead of falling back to slower row-by-row decompression. This speeds up a common pattern — conditional aggregations and computed columns over compressed history — with no query changes needed.
Add new aggregations to a continuous aggregate without rebuilding it. You can now run ALTER MATERIALIZED VIEW <cagg> ADD COLUMN <name> <type> GENERATED ALWAYS AS (<aggregate>) STORED to add a new computed aggregate to an existing continuous aggregate in place — no more dropping and recreating the whole aggregate just to track one more metric. New data populates the column going forward, letting your rollups evolve alongside your application. (Existing rows start as NULL; a forced refresh backfills them when you need historical values.)
icinga2: updated to 2.16.2
2.16.2 (2026-06-29)
This release fixes some critical security vulnerabilities in Icinga 2. Users are advised to upgrade immediately, as two
of them allow an unauthenticated attacker to take over or crash the Icinga 2 process over the network. The other
security fixes only affect authenticated API users.
In addition, a new permission named `filter-expression` is introduced, which allows specifying if individual API users
are allowed to use DSL filter expressions in API queries. This allows further restricting some API users that don't need
this capability, for example, those only submitting individual check results. Due to the incompatibility of this change,
enforcement of this permission is opt-in until v2.17; see the
[upgrading docs](https://icinga.com/docs/icinga-2/latest/doc/16-upgrading-icinga-2/#upgrading-to-2-16-2) for details.
* Verify that certificate update requests come from an authorized endpoint ([GHSA-vj39-ww8j-vvx5](https://github.com/Icinga/icinga2/security/advisories/GHSA-vj39-ww8j-vvx5))
* Fix stack overflow due to deeply nested data structures ([GHSA-wh38-wg57-5w7g](https://github.com/Icinga/icinga2/security/advisories/GHSA-wh38-wg57-5w7g))
* Prevent arbitrary config injection on object creation via the API ([GHSA-jgqj-x5j9-vgcm](https://github.com/Icinga/icinga2/security/advisories/GHSA-jgqj-x5j9-vgcm))
* Fix that `/v1/config/files` could send uninitialized memory in case of file I/O errors
* Add `filter-expression` permission to make it possible to prevent API users from using DSL filter expressions
* Windows: Update bundled OpenSSL to v3.5.7
Update to version 9.2.0747.
Changes:
- patch 9.2.0747: cscope: connection leak when growing the array fails
- patch 9.2.0746: NULL pointer dereference in gui_photon
- patch 9.2.0745: Crash with truncated spellfile
- patch 9.2.0744: popup_atcursor() closes immediately on white space
- runtime(odin): Update indent script, add indent tests
- CI: MS-Windows: Run gvim/vim tests in parallel
- patch 9.2.0743: string macros silently accept a size of the wrong type
- runtime(vim): Fix heredoc triggering misidentification of Vim9 script
- patch 9.2.0742: filetype: SSH keys and related filetypes not recognized
- runtime(css): add more missing CSS properties
- patch 9.2.0741: complete_check() does not return TRUE for mapped input
- patch 9.2.0740: GTK4: scrollbar wrongly displayed
- patch 9.2.0739: completion: 'autocompletedelay' blocks the main loop and drops autocommands
- runtime: guard recommended style settings consistently
- patch 9.2.0738: ml_recover() may write beyond block buffer
- CI: Bump actions/checkout in the github-actions group across 1 directory
[35 lines not shown]